EMT Practice Test

1. Question Content...


Question List

Question1: Who are allowed to access highly confidential files?

Question2: What is the goal of classification of information?

Question3: Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

Question4: There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had melted and many other documents were lost for good.
What is an example of the indirect damage caused by this fire?

Question5: What is social engineering?

Question6: Availability means

Question7: We can leave laptops during weekdays or weekends in locked bins.

Question8: What is the difference between a restricted and confidential document?

Question9: A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:

Question10: What type of compliancy standard, regulation or legislation provides a code of practice for information security?

Question11: A scenario wherein the city or location where the building(s) reside is / are not accessible.

Question12: Which of the following is a technical security measure?

Question13: A fire breaks out in a branch office of a health insurance company. The personnel are transferred to neighboring branches to continue their work.
Where in the incident cycle is moving to a stand-by arrangements found?

Question14: Which reliability aspect of information is compromised when a staff member denies having sent a message?

Question15: What type of system ensures a coherent Information Security organisation?

Question16: As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

Question17: Who is responsible for Initial asset allocation to the user/custodian of the assets?

Question18: In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:

Question19: Cabling Security is associated with Power, telecommunication and network cabling carrying information are protected from interception and damage.

Question20: How are data and information related?

Question21: What is the security management term for establishing whether someone's identity is correct?

Question22: What is the worst possible action that an employee may receive for sharing his or her password or access with others?

Question23: Changes to the information processing facilities shall be done in controlled manner.

Question24: Which is not a requirement of HR prior to hiring?

Question25: The computer room is protected by a pass reader. Only the System Management department has a pass.
What type of security measure is this?

Question26: A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?

Question27: You have a hard copy of a customer design document that you want to dispose off. What would you do

Question28: How is the purpose of information security policy best described?

Question29: Who is authorized to change the classification of a document?

Question30: There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them on the printer.
What are the consequences of this to the reliability of the information?

Question31: Access Control System, CCTV and security guards are form of:

Question32: In acceptable use of Information Assets, which is the best practice?

Question33: An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?

Question34: A member of staff denies sending a particular message.
Which reliability aspect of information is in danger here?